WORLD INTELLECTUAL PROPERTY ORGANIZATION 
International Bureau 




INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(51) International Patent Classification 6 : 
H04L 12/18 


A2 


(11) International Publication Number: WO 99/50994 
(43) International Publication Date: 7 October 1999 (07.10.99) 


(21) International Application Number: PCT/SE99/005 1 7 

(22) International Filing Date: 30 March 1999 (30.03.99) 

(30) Priority Data: 

9801152-1 1 April 1998 (01.04.98) SE 

(71) Applicant: TELIA AB (publ) [SE/SE]; Marbackagatan 11, 

S-123 86 Farsta (SE). 

(72) Inventor: HEDQVIST, Torbjom; Gamla Kungsgatan 8, S-392 

33 Kalmar (SE). 

(74) Agent: PRAGSTEN, Rolf; Telia Research AB, Corporate 
Patent Dept., Vitsandsgatan 9, S-123 86 Farsta (SE). 


(81) Designated States: EE, LT, LV t NO, European patent (AT, 
BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, IT, LU, 
MC. NL, PT, SE). 

Published 

Without international search report and to be republished 
upon receipt of that report. 



(54) Title: IMPROVEMENTS IN, OR RELATING TO, DATA CONFERENCES 




B1 




B2 




B3 



(57) Abstract 

A system, for supporting tele-data conferences, in which data can be exchanged between participants has a conference server in 
which conference proceedings are conducted. The conference server is located within an internal data network. Participants' computers are 
connected to the conference server via an external data network and reception computer. A chairperson controls the conference via a control 
and supervision computer. Data transmission between the participants* computers and the conference server employs IP. The control and 
supervision computer provides a conference leader with dynamic control over participants' access and use of said conference server. 
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Improvements In, or Relating to. Data Conferences 

The present invention relates to a telecommunications system adapted to 
support data conferences in which a plurality of participant computers are 
cooperatively linked, methods of providing data conferences in which a plurality of 
participant computers are cooperatively linked and a control unit for controlling a 
data conference in which a plurality of participant computers are cooperatively 
linked. 

There is a need, in many spheres of activity, to improve the efficiency of 
cooperation between geographically distributed organizations. A serious problem, 
in relation to cooperative interworking requiring the exchange of data, is ensuring 
tne safety and security of data. More specifically, the problem is to effect adequate 
supervision and control over the security of data and, at the same time, provide the 
necessary flexibility for effective conference working where two, or more, computers 
are connected over a data network and cooperate on a common data, or working, 
server. 

It is an object of the present invention to provide a telecommunications, . 
system for the safe and secure support of data conferences. 

So far as is know, there is no product currently in existence that provides the 
functionality of the present invention. Furthermore, so far as is currently known, no 
attempts have been made to resolve the conflict inherent in data conferencing 
between flexibility and data security/safety. 

The present invention can be used in a variety of electronic conferences and 
provides a secure and safe environment for data exchange while, at the same time, 
allowing for flexible operation. Situations where electronic conferencing can be 
used with great advantage include: 

product development projects in the engineering industry; 
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budgetary planning and revision; 

marketing meetings in marketing organisations which are 
geographically dispersed; 

construction meetings in big building projects; 

technical maintenance work; 

technical support; 

administration of complaints; and 

in connection with education. 

Throughout the whole of society, there are big advantages to be gained by 
employing information technology to provide cooperation and conferencing at a 
distance. Such arrangements are analogous to multi-party telephone calls, or audio 
conferencing. However, the IT techniques available today mean that it should be 
possible, not simply to have audio conferences, but to provide, in addition, multi- 
media links enabling a conference group to look at pictures, models, make common 
drawings in a document etc.. 

There are a whole range of products currently on the market, e.g. video 
conference equipments, collaborative software, etc., which facilitate different 
aspects of tele-conferencing. 

However, a real problem with all the products and services currently 
available is the data security risks associated with tele-based advanced 
conferences. The present invention addresses and solves this problem. 

The metaphor for the present invention, is based on the fundamentals of a 
real world conference, operated without the benefits of IT, and the way in which 
security is provided in such a conference. 
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The normal routine, in a company, or an organization, which is hosting a 
conference, is to bring the participants together in a conference room on the 
organising entity's premises. The conference room has all the means (conference 
tables, OH-projector, whiteboard, video recorder) that are needed to support the 
meeting. External visitors, who are going to attend the conference, arrive at a 
reception facility, sign into a visitors 1 register, are given visitor badges and are 
accompanied into the conference room. At the end of the meeting, the visiting 
participants are escorted off the premises and their departure is noted down in the 
visitors' register. 

The present invention is based on the same functionality. This is achieved 
by means of an arrangement of computers and safety functions, which give a 
chairperson, hosting the meeting, the ability to "meet and fetch" visitors to a 
computerized conference room, "supervise and control" the activities of the 
participants during the meeting and, at the end of the conference, "accompany the 
participants out" and "close and lock the conference room". 

, The system of the present invention does not limit the conferencing tools 
which can be deployed in the "conference room". This further strengthens the 

metaphor that the system is a conference room. 

* 

The present invention resides in the realisation of a real world conference 
system in cyberspace by the use of an appropriate computer architecture. 

According to a first aspect of the present invention, there is provided a 
telecommunications system, adapted to provide a platform for tele-conferencing in 
which data can be exchanged between participants and in which conference 
proceedings are conducted on a conference server located within an internal data 
network, characterised in that participants' computers are connected to said 
conference server via an external data network and reception computer and in that 
said conference is controlled via a control and supervision computer. 

According to a second aspect of the present invention, there is provided a 
method of data conferencing using a telecommunications system in which data can 
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be exchanged between participants and in which conference proceedings are 
conducted on a conference server located in an internal data network, 
characterised by connecting participants* computers to said conference server via 
an external data network and reception computer and controlling access to, and 
participant behaviour on, said conference server via a control and supervision 
computer. 

According to a third aspect of the present invention, there is provided a data 
conference unit, for use with a telecommunications system in which data can be 
exchanged between participants, said data conference unit adapted to operate in 
an internal data network protected by a firewall, characterised in that said data 
conference unit includes a conference server on which conference proceeding may 
be conducted, a reception computer, connected to said conference server, said 
reception computer adapted for connection to conference participants' computers, 
via an external data network, and a control and supervision computer connected 
to said conference server and said reception computer and adapted to control 
access to, and participant behaviour on, said conference server. 

Said conference server, said reception computer and said control and 
supervision computer may be a single data processing machine having functionally 
distinct modules for providing data conference facilities, reception control and 
conference control. 

Alternatively, said conference server, said reception computer and said 
control and supervision computer may be separate and distinct data processing 
machines linked by data connections which are distinct from, and not directly 
connected to, said internal data network. 

Data transmission between said participants* computers and said 
conference server may employ IP. 

Said control and supervision computer may be adapted to provide a 
conference leader with dynamic control over participants' access and use of said 
conference server. 
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Said reception computer may provide a firewall preventing access by 
conference participants to said internal data network. 

Said control and supervision computer may enable a conference leader to 
control said reception computer and thence to control admission to a conference 
being run on said conference server. 

Admission to said conference server may be controlled by non-recurrent 
passwords issued to participants. 

An audio conference facility may operate in conjunction with said conference 

server. 

Said non-recurrent passwords may be issued to participants by a 
conference leader in a voice communication over said audio conference facility. - 

Admission to said conference server may be controlled by non-recurrent 
passwords issued by a conference leader to participants in a voice communication 
over said audio conference facility. 

Said control and supervision computer may enable a conference leader to 
activate applications software resident on said conference server and to control 
computer files accessed by said conference server, including files containing 
documents, drawings, calculations, simulations and video film. 

Said control and supervision computer may report all attempts to access 
said conference server to a conference leader. 

Said control and supervision computer may maintain a log and audit trail of 
a conference conducted on said conference server. 

Said conference server may include the following functional components: 
"connected application" and "whiteboard". 
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Said conference server may have a number of software applications 
resident thereon, including: word processing, a database, a spreadsheet, a graphics 
package, a video streamer and a video conference package. 



Said participants to said conference may, via participant's computers and 
5 subject to control and supervision by said conference leader, access and 

manipulate software and data resident on said conference server, and thereby 
cooperatively interact with each other and said conference leader. 

Embodiments of the invention will now be described, by way of example, 
with reference to the accompanying drawings, in which: 

10 Figure 1 illustrates, in schematic form, a computer architecture on which the 

present invention is based. 

Figure 2 illustrates the conference metaphor underlying the present 
invention. 

Referring to Figure 1 , the present invention comprises an arrangement of 
15 intercommunicating computers. A specially configured computer A, controls, 

checks and supervises all data traffic between a number of computers B1, B2, 

B3 f belonging to conference participants and a third computer C, on which is 

held a centra) data store used by all conferees. Computer A corresponds to the 
reception unit of Figure 2 and computer C is the conference server, i.e. the 
20 conference room of Figure 2. A fourth computer D, belongs to the conference 

chairperson and is connected, with special privileges, to the computers A and C. 
The computer D, which corresponds to the control and supervision module of 
Figure 2, is programmed so that the operator can, dynamically and with full 
oversight, selectively instruct the computer A to permit, or deny, the operators of 
25 the computers B1, B2, B3, ... to exchange data traffic with the computer C. This 

architecture tifSiitss a situation where the leader of a tele-conference meeting can, 
in a manner which is similar to the operation of a normal meeting in a conference 
room, control and check whe^partici pates in the meeting and what the different 
participants do. 
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The conference metaphor, for the present invention, is illustrated in Figure 
2. Within the borders of an internal data network, there is provided a reception unit, 
corresponding to computer A of Figure 1, which links the main data server, 
controlled by computer C, of Figure 1, to an external data network and external 
participants, i.e. the remote computers B1, B2, B3, of Figure 1. Computer D, of 
Figure 1 ( corresponds to the control and supervision module for the conference 
leader. The main data server, or conference server, is located in the conference 
leader's internal data network, which may be protected by a firewall. The reception 
unit provides a point of controlled ingress through the firewall. This ensures that all 
conference links to the outside world and external data networks are securely 
controlled and monitored. 

The computers A, C and D of Figure 1, i.e. the reception unit, the 
conference room and, the control and supervision module may be realised on a 
single data processing machine. However, for reasons of maintaining maximum 
data security, there is a considerable advantage in using stand alone machines for 
these functions and linking the machines through appropriate data links which 
operate independently of, and are not directly connected to, the conference leaders 
internal data network. 

The present invention assumes that the majority of communicating business 
systems will, technically, be based on IP-architectures. 

The invention facilitates the provision of a safe and flexible dynamic 
conference environment in an intranet/extranet/internet architecture. 

The present invention meets the following requirements: 

(a) Electronic simulation of an ordinary conference environment, or 
conference room, by an IP-environment. 

(b) Provides the conference leader, or chairperson, with dynamic 
control over the persons participating in the conference, in particular 
the ability to permit, or deny, participation in the conference. 
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An effective barrier, or firewall, is provided to prevent participants in 
penetrating the data network of the conference chairperson, beyond 
the conference facility. 

The conference chairperson has the ability to control the 
establishment of the conference and the method by which the 
conference is established. In particular, the chairperson has control 
over admissions to the conference. Initially the conference starts 
with "an empty conference room". 

The conference can include both data and voice transmission, so 
that delegates to the conference can speak to each other. 
Techniques for audio conferencing are well known in the art and will 
not be further described in this specification. 

The conference may be set up, or be initiated, by the chairperson 
placing telephone calls to the other participants. During this step, 
each participant is given a non-recurrent password to enable access 
to the conference. The password acts as an "entry badge" for 
conference participants. 

The conference is realised on a conference server, the 
chairperson's working machine, to which access, and participant 
behaviour on, is controlled by an administration computer, which 
may, in turn be controlled, or operated, by the chairperson. 

It is by operation of the administration computer that the chairperson 
accepts, rejects, or excludes participants. It is the administration 
computer alone that enables the chairman to fetch documents 
(drawings, calculations, simulations, video films etc) which are to be 
shown, or manipulated, via the conference server. This means that 
the applications software required to open all the documents used 
in the conference must be resident on the conference server. 
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(i). Applications software, which is an intuitive and easy to use 
application enabling the chairperson see and control the status of 
the conference, is resident on the administration server. Producing 
such software is a routine matter for those skilled in the art. This 
software will enable the chairperson to readily see who is connected - 
to the conference server. When somebody makes an attempt to 
access the server, the access attempt is flagged up to the 
chairperson for acceptance, or rejection. The applications software 
produces a log and audit trail for the whole conference. 

(j) Network security normally requires the use of encryption, or private 
networks. This does not happen in the conference environment. In 
the conference system of the present invention, data security is 
maintained by permitting only controlled access to the conference 
server, via a reception unit. 

Key elements in the present invention are the conference server and the 
administration server. From a technical view point, the conference server is a 
comparatively ordinary computer. However, the administration server is an 
especially configured firewall/access server, which encapsulates the conference. 

A basic concept underlying the present invention, particularly the 
conference server, is that all participants to the conference have access to a 
conference program of the type MS Netmeeting. This is resident on the conference 
server. The participants, via various functional components, such as, "connected 
application", "whiteboard" etc, participate in the work and/or see ordinary 
applications which are run on the conference server. Operation of the conference 
server is, of course, controlled by the chairperson. 

Software applications resident on the conference server should, for 
example, include MS Office, AutoCAD, a video streamer and a video conference 
program. In constructing the full operational architecture of the conference server 
applications it is important that priority be given to simplicity, modularity and low 
cost. Standard software is used to the fullest possible extent. Bespoke software 
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development of system components is to be avoided, as far as possible. However, 
the control module and its user interface has to be bespoke software. 
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CLAIMS 

1. A telecommunications system, adapted to provide a platform for tele- 
conferencing in which data can be exchanged between participants and in which 
conference proceedings are conducted on a conference server located within an 
internal data network, characterised in that participants 1 computers are connected 
to said conference server via an external data network and reception computer and 
in that said conference is controlled via a control and supervision computer. 

2. A telecommunications system, as claimed in claim 1 , characterised in that 
said conference server, said reception computer and said control and supervision 
computer are a single data processing machine having functionally distinct modules 
for providing data conference facilities, reception control and conference control. 

3. A telecommunications system, as claimed in claim 1 , characterised in that 
said conference server, said reception computer and said control and supervision 
computer are separate and distinct data processing machines linked by data 
connections which are distinct from, and not directly connected to, said internal data 
network. 

4. A telecommunications system, as claimed in any previous claim, 
characterised in that data transmission between said participants' computers and 
said conference server employs IP. 

5. A telecommunications system, as claimed in any previous claim, 
characterised in that said control and supervision computer is adapted to provide 
a conference leader with dynamic control over participants' access and use of said 
conference server. 

6. A telecommunications system, as claimed in any previous claim, 
characterised in that said reception computer provides a firewall preventing access 
by conference participants to said internal data network. 



WO 99/50994 



PCT/SE99/00517 



- 12- 

7. A telecommunications system, as claimed in any previous claim, 
characterised in that said control and supervision computer enables a conference 
leader to control said reception computer and thence to control admission to a 
conference being run on said conference server. 

8. A telecommunications system, as claimed in any previous claim, 
characterised in that admission to said conference server is controlled by non- 
recurrent passwords issued to participants. 

9. A telecommunications system, as claimed in any previous claim, 
characterised in that there is provided an audio conference facility operating in 
conjunction with said conference server. 

10. A telecommunications system, as claimed in claim 9, when dependent on 
claim 8, characterised in that said non-recurrent passwords are issued to 
participants by a conference leader in a voice communication over said audio 
conference facility. 

11. A telecommunications system, as claimed in any previous claim, 
characterised in that said control and supervision computer enables a conference 
leader to activate applications software resident on said conference server and to 
control computer files accessed by said conference server, including files containing 
documents, drawings, calculations, simulations and video film. 

12. A telecommunications system, as claimed in any previous claim, 
characterised in that said control and supervision computer reports all attempts to 
access said conference server to a conference leader. 

13. A telecommunications system, as claimed in any previous claim, 
characterised in that said control and supervision computer maintains a log and 
audit trail of a conference conducted on said conference server. 

14. A telecommunications system, as claimed in any previous claim, 
characterised in that said conference server includes the following functional 
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components: "connected application" and "whiteboard". 

15. A telecommunications system, as claimed in any previous claim, 
characterised in that said conference server has a number of software applications 
resident thereon, including: word processing, a database, a spreadsheet, a graphics 
package, a video streamer and a video conference package. 

16. A telecommunications system, as claimed in any previous claim, 
characterised in that said participants to said conference can, via participant's 
computers and subject to control and supervision by said conference leader, 
access and manipulate software and data resident on said conference server, and 
tnereby cooperatively interact with each other and said conference leader. 

1 7 A method of data conferencing using a telecommunications system in which 
data can be exchanged between participants and in which conference proceedings 
are conducted on a conference server located in an internal data network, 
characterised by connecting participants' computers to said conference server via 
an external data network and reception computer and controlling access to, and 
participant behaviour on, said conference server via a control and supervision 
computer. 

18. A method, as claimed in claim 17, characterised by conference server, said 
reception computer and said control and supervision computer being a single data 
processing machine having functionally distinct modules for providing data 
conference facilities, reception control and conference control. 

19. A method, as claimed in claim 17, characterised by said conference server, 
said reception computer and said control and supervision computer being separate 
and distinct data processing machines linked by data connections which are distinct 
from, and not directly connected to, said internal data network. 

20. A method, as claimed in any of claims 17 to 19, characterised by employing 
IP for data transmission between said participants 1 computers and said conference 
server. 
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21. A method, as claimed in any of claims 17 to 20, characterised by said 
control and supervision computer providing a conference leader with dynamic 
control over participants 1 access and use of said conference server. 

22. A method, as claimed in any of claims 17 to 21, characterised by said 
reception computer providing a firewall to prevent access by conference 
participants to said internal data network. 

23. A method, as claimed in any of claims 17 to 22, characterised by said 
control and supervision computer enabling a conference leader to control said 
reception computer and thence to control admission to a conference being run on 
said conference server. 

24. A method, as claimed in any of claims 17 to 23, characterised in that 
admission to said conference server is controlled by non-recurrent passwords 
issued to participants. 

25. A method, as claimed in any previous claim, characterised in that there is 
provided an audio conference facility operating in conjunction with said conference 
server. 

26. A method, as claimed in claim 25 when dependent on claim 24, 
characterised in that said non-recurrent passwords are issued to participants by a 
conference leader in a voice communication over said audio conference facility. 

27. A method, as claimed in any of claims 17 to 26, characterised by a 
conference leader using said control and supervision computer to activate 
applications software resident on said conference server and to control computer 
files accessed by said conference server, including files containing documents, 
drawings, calculations, simulations and video film. 

28. A method, as claimed in any of claims 17 to 26, characterised by said 
control and supervision computer reporting all attempts to access said conference 
server to a conference leader. 
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29. A method, as claimed in any of claims 17 to 27, characterised by said 
control and supervision computer maintaining a log and audit trail of a conference 
conducted on said conference server. 

30. A method, as claimed in any of claims 17 to 29, characterised by said 
conference server having the following functional components: "connected 
application" and "whiteboard". 

31. A method, as claimed in any of claims 17 to 30, characterised by said 
conference server having a number of software applications resident thereon, 
including: word processing, a database, a spreadsheet, a graphics package, a 
video streamer and a video conference package. 

32. A method, as claimed in any of claims 17 to 31, characterised by said 
participants to said conference accessing and manipulating software and data 
resident on said conference server, thereby cooperatively interacting with each 
other and said conference leader, via participant's computers and subject to control 
and supervision by said conference leader. 

33. A data conference unit, for use with a telecommunications system in which 
data can be exchanged between participants, said data conference unit adapted 
to operate in an internal data network protected by a firewall, characterised in that 
said data conference unit includes a conference server on which conference 
proceeding may be conducted, a reception computer, connected to said conference 
server, said reception computer adapted for connection to conference participants' 
computers, via an external data network, and a control and supervision computer 
connected to said conference server and said reception computer and adapted to 
control access to, and participant behaviour on, said conference server. 

34. A data conference unit, as claimed in claim 33, characterised in that said 
conference server, said reception computer and said control and supervision 
computer are a single data processing machine having functionally distinct modules 
for providing data conference f aciliti es, reception control and conference control. 
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35. A data conference unit, as claimed in claim 33, characterised in that said 
conference server, said reception computer and said control and supervision 
computer are separate and distinct data processing machines linked by data 
connections which are distinct from, and not directly connected to, said internal data 
network. 

36. A data conference unit, as claimed in any of claims 33 to 35, characterised 
in that data transmission between said participants 1 computers and said conference 
server employs IP. 

37. A data conference unit, as claimed in any of claims 33 to 36, characterised 
m that said control and supervision computer is adapted to provide a conference 
leader with dynamic control over participants' access and use of said conference 
server. 

38. A data conference unit, as claimed in any of claims 33 to 37, characterised 
in that said reception computer provides a firewall preventing access by conference 
participants to said internal data network. 

39. A data conference unit, as claimed in any of claims 33 to 38, characterised 
in that said control and supervision computer enables a conference leader to 
control said reception computer and thence to control admission to a conference 
being run on said conference server. 

40. A data conference unit, as claimed In any of claims 33 to 39, characterised 
in that admission to said conference server is controlled by non-recurrent 
passwords issued to participants. 

41 . A data conference unit, as claimed in any of claims 33 to 40 , characterised 
in that there is provided an audio conference facility operating in conjunction with 
said conference server. 

42. A data conference unitrss claimed in claim 41 when dependent on claim 40, 
characterised in that said non-recurrent passwords are issued to participants by a 
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conference leader in a voice communication over said audio conference facility. 

43. A data conference unit, as claimed in any of claims 33 to 42, characterised 
in that there is provided an audio conference facility operating in conjunction with 
said conference server. 

44. A data conference unit, as claimed in any of claims 33 to 43, characterised 
in that said control and supervision computer enables a conference leader to 
activate applications software resident on said conference server and to control 
computer files accessed by said conference server, including files containing 
documents, drawings, calculations, simulations and video film. 

45. A data conference unit, as claimed in any of claims 33 to 44, characterised 
in that said control and supervision computer reports all attempts to access said 
conference server to a conference leader. 

46. A data conference unit, as claimed in any of claims 33 to 45, characterised 
in that said control and supervision computer maintains a log and audit trail of a 
conference conducted on said conference server. 

47. A data conference unit, as claimed in any of claims 33 to 46, characterised 
in that said conference server includes the following functional components: 
"connected application" and "whiteboard". 

48. A data conference unit, as claimed in any of claims 33 to 47, characterised 
in that said conference server has a number of software applications resident 
thereon, including: word processing, a database, a spreadsheet, a graphics 
package, a video streamer and a video conference package. 

49. A data conference unit, as claimed in any of claims 33 to 48, characterised 
in that said participants to said conference can, via participant's computers and 
subject to control and supervision by said conference leader, access and 
manipulate software and data resident on said conference server, and thereby 
cooperatively interact with each other and said conference leader. 
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